package com.smzd.framework.sso;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import com.smzd.framework.system.business.UserService;
import com.smzd.framework.system.domain.User;
import com.smzd.framework.utils.MeetingSessionHolder;
import com.smzd.framework.utils.URIStacks;
import com.smzd.utils.SessionHolder;

@Controller
public class LocalController {
    @Autowired
    UserService userService;
    @Autowired
    @Qualifier("smzdPasswordEncoder")
    PasswordEncoder passwordEncoder;

    @RequestMapping("/local/login")
    public String doAppLogin(HttpServletRequest request, Map<String, Object> model) {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String client_id = request.getParameter("client_id");
        String forward = request.getParameter("forward");

        User user = retrieveUser(username, password);
        if (user == null) {
            String method = request.getParameter("_method");
            boolean json = method != null && "json".equalsIgnoreCase(method);
            if (json) {
                model.put("status", 404);
                model.put("username", username);
                model.put("password", password);
                model.put("client_id", client_id);
                model.put("message", "用户名或密码错误！");
                return "global/sso/localloginfail.ftl";
            }
            return "redirect:/local/err";
        }
        HttpSession session = request.getSession();
        session.setAttribute(MeetingSessionHolder.KEY_PREPARED_USER, user);
        MeetingSessionHolder.setPreparedUser(user);
        SessionBasedRedirectRequest req = new SessionBasedRedirectRequest(
                request,
                "/oauth/authorize?client_id="
                        + client_id
                        + "&redirect_uri=/local/getuser.do&response_type=code&scope=read+write&state=STATE&user_oauth_approval=true");
        URIStacks stacks = URIStacks.getInstance();
        stacks.clear();
        stacks.push(req);
        stacks.push(new SessionBasedRedirectRequest(request, "/local/login"));
        session.setAttribute(URIStacks.URISTACKS_SESSION_KEY, stacks);
        SessionHolder.setObject(URIStacks.URISTACKS_SESSION_KEY, stacks);
        return ("true".equals(forward) ? "forward" : "redirect") + ":/sso/preparedauth";
    }

    protected User retrieveUser(String username, String password) {
        User user = (User) userService.loadUserByUsername(username);
        if (user == null) {
            return null;
        }
        String encodedPassword = passwordEncoder.encodePassword(password, user);
        if (encodedPassword != null && encodedPassword.equalsIgnoreCase(user.getPassword())) {
            return user;
        }
        return null;
    }

}
